Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/OhT9WmZ6eQri6WJ2a8ifVpPrJnc.roa
File: OhT9WmZ6eQri6WJ2a8ifVpPrJnc.roa (raw, json)
Hash identifier: fXe9Zxbl2TIDkCAb8j2PGRTc6br1K/9rOIXHJcSO680=
Subject key identifier: 3A:14:FD:5A:66:7A:79:0A:E2:E9:62:76:6B:C8:9F:56:93:EB:26:77
Certificate issuer: /CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Certificate serial: 01947B50E611BCC5E81C4DE2C287523935BC
Authority key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/OhT9WmZ6eQri6WJ2a8ifVpPrJnc.roa
Signing time: Sat 18 Jan 2025 21:28:06 +0000
ROA not before: Sat 18 Jan 2025 21:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62425
IP address blocks: 91.216.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 19:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7b:50:e6:11:bc:c5:e8:1c:4d:e2:c2:87:52:39:35:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Validity
Not Before: Jan 18 21:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a14fd5a667a790ae2e962766bc89f5693eb2677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d5:30:25:79:9c:aa:1b:01:38:f4:b0:d9:74:
2b:74:25:47:fb:4b:50:8e:6e:01:09:1d:4d:98:a8:
0b:cd:73:4f:00:9b:ba:f8:7c:33:b7:32:dd:7b:fe:
4d:89:24:8f:57:4f:ad:85:c3:c7:05:7a:33:bf:5f:
27:93:bf:bb:29:24:31:61:30:69:84:8f:f8:fe:e8:
98:f9:cb:56:a4:37:10:d5:b0:a2:52:25:32:e8:86:
bc:f3:6f:f5:6a:d6:08:28:36:e4:36:6e:9c:9b:96:
b1:2e:39:dc:7e:20:39:58:f1:fe:a2:24:f0:e3:1b:
6b:93:ac:d5:84:ae:aa:6b:fe:e3:a3:4d:0b:74:67:
1b:fe:41:91:4c:5a:5c:e0:9e:65:f1:d5:8c:b4:71:
02:76:92:65:b1:dc:08:84:ba:06:d4:b0:ad:4a:a1:
fe:e0:e2:4d:21:bf:a3:92:a0:f5:f3:fc:e0:28:35:
9e:b7:5a:21:32:da:b8:de:00:39:fb:78:6f:e8:73:
d4:1f:4b:41:82:00:42:e7:b6:ab:31:3e:22:e3:f8:
ec:2b:f8:d1:f4:7d:b6:e8:bc:ac:5e:d5:11:51:e2:
aa:8d:93:7f:ba:1f:cd:48:ff:5e:93:39:cf:05:a2:
19:26:1d:e5:f2:24:e5:57:2c:97:d5:e0:c0:68:78:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:FD:5A:66:7A:79:0A:E2:E9:62:76:6B:C8:9F:56:93:EB:26:77
X509v3 Authority Key Identifier:
keyid:B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/OhT9WmZ6eQri6WJ2a8ifVpPrJnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ac:84:8d:93:c1:48:c8:dc:81:5e:77:c6:21:a0:2b:23:22:
c0:93:44:da:10:ff:ea:24:fe:2b:19:64:d4:29:a4:1f:60:20:
39:32:aa:ff:65:00:ad:ae:dd:77:62:8a:e5:be:fa:09:86:45:
99:96:d1:08:e2:b5:b6:ba:f0:1b:d5:15:6c:5b:35:8e:2b:00:
8a:20:38:3a:ff:2b:06:6b:8c:2e:33:cb:73:18:79:d1:37:2c:
a9:f3:b7:0c:10:4c:01:69:5e:79:69:67:f2:21:2b:a9:63:9f:
cd:55:ed:6f:dd:1b:df:e6:3b:b0:e8:f8:ae:6e:88:0b:4c:8d:
ba:9e:d5:ed:07:d2:78:85:0f:d0:57:59:e0:82:b7:fb:9c:c6:
46:68:5b:68:5d:3c:ab:67:fb:b2:51:d6:ca:c3:23:55:f6:20:
a0:e8:5d:11:91:bb:1c:e8:86:73:21:b4:81:ca:19:4b:7c:de:
7e:fe:9d:a0:01:a6:eb:ea:2b:f4:3f:b2:3b:f8:d5:41:5b:48:
9b:47:3e:f6:21:b2:de:ef:f9:61:18:63:3d:9c:eb:71:97:fd:
a6:63:25:04:81:fa:52:2e:e5:21:e9:b3:ab:b9:db:bc:aa:91:
6a:86:37:e1:5d:89:04:2d:82:a4:8f:82:0a:8b:11:ce:38:1f:
78:46:76:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR7UOYRvMXoHE3iwodSOTW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWM0Y2U2NjNlMWVjMjQ1ZTc0N2NkODQ2ZjFhNjlkZGI4
MzRiM2IwHhcNMjUwMTE4MjEyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE0ZmQ1YTY2N2E3OTBhZTJlOTYyNzY2YmM4OWY1NjkzZWIyNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dUwJXmcqhsBOPSw2XQrdCVH+0tQ
jm4BCR1NmKgLzXNPAJu6+HwztzLde/5NiSSPV0+thcPHBXozv18nk7+7KSQxYTBp
hI/4/uiY+ctWpDcQ1bCiUiUy6Ia882/1atYIKDbkNm6cm5axLjncfiA5WPH+oiTw
4xtrk6zVhK6qa/7jo00LdGcb/kGRTFpc4J5l8dWMtHECdpJlsdwIhLoG1LCtSqH+
4OJNIb+jkqD18/zgKDWet1ohMtq43gA5+3hv6HPUH0tBggBC57arMT4i4/jsK/jR
9H226LysXtURUeKqjZN/uh/NSP9ekznPBaIZJh3l8iTlVyyX1eDAaHib7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoU/VpmenkK4ulidmvIn1aT6yZ3MB8GA1UdIwQY
MBaAFLMcTOZj4ewkXnR82Ebxpp3bg0s7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMt
NDY1YWRjMjk1OWYyLzEvT2hUOVdtWjZlUXJpNldKMmE4aWZWcFBySm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMtNDY1YWRjMjk1OWYy
LzEvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hHMA0G
CSqGSIb3DQEBCwUAA4IBAQAKrISNk8FIyNyBXnfGIaArIyLAk0TaEP/qJP4rGWTU
KaQfYCA5Mqr/ZQCtrt13YorlvvoJhkWZltEI4rW2uvAb1RVsWzWOKwCKIDg6/ysG
a4wuM8tzGHnRNyyp87cMEEwBaV55aWfyISupY5/NVe1v3Rvf5juw6PiubogLTI26
ntXtB9J4hQ/QV1nggrf7nMZGaFtoXTyrZ/uyUdbKwyNV9iCg6F0Rkbsc6IZzIbSB
yhlLfN5+/p2gAabr6iv0P7I7+NVBW0ibRz72IbLe7/lhGGM9nOtxl/2mYyUEgfpS
LuUh6bOrudu8qpFqhjfhXYkELYKkj4IKixHOOB94RnaV
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:45:58 2025 by rpki-client